System and method to record encrypted content with access conditions

ABSTRACT

A secure detachable utility monitoring device is disclosed, to be appended to a utility metering apparatus for controlling at least one utility usage consumption. A detachable metering monitoring device of at least one embodiment includes: a usage reading interface to acquire a utility consumption value metered by the utility meter; a first memory to store at least a unique identifier ID and a personal key, both pertaining to the device; a crypto processor to generate a cryptogram from information data comprising at least the utility consumption value, the cryptogram being encrypted with the personal key; a message generator to generate an information message including at least the cryptogram and the unique identifier ID; and a communication network interface including a sending unit to send the information message to a remote management center.

FIELD OF THE INVENTION

This invention concerns the field of securing utility usage monitoringagainst various hacking threats by means of meter reader plug-ins.

TECHNICAL BACKGROUND

The on-going deregulation in worldwide energy distribution markets isdriving the need for smart utility distribution grids and smart meters,enabling both utility providers and consumers to monitor the detailedconsumption of an end user at any time through open communicationnetworks. The energy market is particularly concerned as of today butrelated issues are also relevant to other utility markets such as wateror gas.

While a number of legacy meters already implement some point-to-pointautomated reading protocols using for instance standard optical or modeminterfaces, they are not able to interact with either the end user homearea network devices or the remote utility monitoring facilities usingwireless or power line communication networks. The industry answer tothis regulatory requirement in the next decade will therefore consist inswapping the legacy meters for so-called smart meters, which raisestremendous costs for the utility vendors and the consumers in the end.

Moreover, the resulting dependency of the basic metering functionalityon remote communication messages raises significant concerns on theeffective robustness to software bugs as well as emerging threats suchas smart grid worms and viruses taking advantage of smart meter securitydesign flaws that may not be known at the time of deployment, but maybecome critical later. This is particularly evident in the case of theremote disconnect feature, as a major disruption target forcyber-terrorism but also a possible entry point for local thieves as away to disconnect some house alarms from their power source.

In practice, today's security designs for smart grids and smart metersare largely inspired by the telecommunication industry and a large partof them is subject to emerging standardization by internationalcommittees such as ANSI or IEC. However the requirements are verydifferent, as telecommunication end devices such as mobile phones,set-top-boxes or even television receivers seldom exceed an operationallifetime of 10 to 20 years. In contrast, metering equipment is typicallyinstalled at the time of a house building and meant to last at least 20years, if not 50 to 100 years.

Once the standard specifications are defined, it is no longer possibleto update the design (for instance, cryptographic algorithms, keylengths and key management systems) without breaking compliance, whichis a major issue in deregulated markets where any metering device modelfrom any manufacturer needs to operate with any utility providerinfrastructure and this possibly for the next 50 to 100 years.

There is therefore a need for alternative solutions clearly separatingthe advanced but complex and security sensitive monitoring functionalityfrom the basic but proven utility delivery and consumption measurementfunctionality. In this approach, the fully operational legacy meters donot need to be upgraded, which also helps saving upgrade costs and smartmeter manufacturing energy.

Separation of the remote monitoring functionality from the basic legacymetering functionality typically requires a detachable monitoringdevice, including at least:

-   -   A reader sensor interface to be connected to the legacy meter        display or electrical reading interface (serial, optical etc).    -   A memory to buffer the utility usage information prior to        reporting it.    -   One or several network communication interfaces to report back        the data to either the utility network and/or the end user home        area network, in compliance with existing regulations and        relevant technical standards.    -   A processor in charge with monitoring the reading, storing and        reporting operations.

Such detachable monitoring solutions and associated data managementsystems have already been described, for instance in WO07134397 or GB2460517. Some related devices are also now commercialized for instanceby PilotSystems (http://www.pilotsystems.com) and Xemtec(http://www.xemtec.ch), but none of this prior art addresses thesecurity enforcement functionality.

In order to fully address the utility usage consumption hacking threat,it is important to prevent hacking on all individual components in theend-to-end communication chain. As opposed to smart meters, legacymeters LM as the first component in the end-to-end communication chainhave no interfaces to open networks, so their hacking requires a localmechanical operation with certain safety and tamper evidence concerns,as meters are typically sealed by utility vendors everywhere in theworld. On the other end of the chain, state of the art cryptographicdesign is applied to communications between the monitoring module andthe utility infrastructure over open networks, but this security is justas secure as the secrecy of underlying keys. A tamper proof design onthe monitoring module device side is therefore of primary importance.

SUMMARY OF THE INVENTION

The object of the invention is thus to eliminate the drawbacks of theprior art and to provide a secure detachable utility monitoring deviceto be appended to a utility metering apparatus for controlling at leastone utility usage consumption.

This is achieved thanks to a detachable metering monitoring device to beconnected with a utility meter for controlling at least one utilityconsumption metered by said utility meter, comprising:

-   -   a usage reading interface to acquire a utility consumption value        metered by said utility meter,    -   a first secure memory to store at least a unique identifier ID        and a personal key, both pertaining to said device,    -   a crypto processor to generate a cryptogram from information        data comprising at least the utility consumption value, said        cryptogram being encrypted with said personal key,    -   a message generator to generate an information message including        at least said cryptogram and the unique identifier ID,    -   a sending unit to send the information message to a remote        management center.

The utility metering apparatus permanently (or periodically) measuresthe utility usage consumption while the detachable metering monitoringdevice reads the utility usage consumption from said apparatus on aregular basis with a usage reading interface or any means to acquire atleast one utility consumption metered by the utility metering apparatus.The detachable metering monitoring device can buffer the utilityconsumption and is able to report it to a utility usage monitoringinfrastructure through a communication interface, in particular to aremote management center by means of a sending unit. The detachablemetering monitoring device is also provided with a first secure memoryto store at least a unique identifier ID and a personal key; this uniqueidentifier and this private key pertaining to this device. Thedetachable metering monitoring device is provided with a cryptoprocessor to generate a cryptogram from information data comprising atleast the utility consumption value; this cryptogram being encryptedwith the personal key of the detachable metering monitoring device. Thisdevice also comprises a message generator or any other means to generatean information message including at least the cryptogram and the uniqueidentifier ID. This information message can be sent to the remotemanagement center by using the sending unit of the communicationinterface.

The device could further comprise a security module in charge withhandling the security sensitive data, security processing and securitymessaging associated with said reporting to said utility usagemonitoring infrastructure.

Other embodiments of the present invention will be described in thefollowing detailed description.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 shows a legacy meter LM and a detachable monitoring device DMthat can be appended to the legacy meter.

FIG. 2 shows the legacy meter LM of FIG. 1 extended with the detachablemonitoring device DM operationally connected to the metering usagedisplay DISP of the legacy meter.

FIG. 3 shows the legacy meter LM of FIG. 1 extended with the detachablemonitoring device DM operationally connected to the optional meteringusage electrical reading connector RD of the legacy meter.

FIG. 4 shows a detachable monitoring device DM with its main componentsand interfaces.

FIG. 5 shows the detachable monitoring device DM of FIG. 4 including acrypto processor CRYPTO in connection with a secure memory SMEM.

FIG. 6 shows detachable monitoring device DM operationally connected toa legacy meter LM, where the detachable monitoring device DM furtherincludes a security module interface SM.

FIG. 7 shows the detachable monitoring device DM of FIG. 4 together witha security module SM connected through a dedicated interfaces SEC.

DETAILED DESCRIPTION

Referring to FIG. 1, a secure detachable utility monitoring device DM isshown as being connectable in a removable manner to a legacy meter LM,also referred to as utility meter, for controlling a utility usageconsumption, such as electrical power consumption, water or gasconsumptions. The illustrated legacy meter implements the conventionalmetering usage display DISP as well as an optional metering usageelectrical reading connector RD. The legacy meter or utility meteringapparatus permanently measures at least one utility usage consumptionwhile the detachable metering monitoring device DM reads this utilityusage consumption, on a regular basis. To this end and according to oneembodiment, the legacy meter LM can be extended with a detachablemonitoring device DM operationally connected to the metering usagedisplay as shown in FIG. 2. The detachable monitoring device illustratedhere includes an OCR reading interface and reports the legacy meterdisplay onto its own display to enable further manual reading of themetering value.

Alternately and as shown in FIG. 3, the legacy meter LM can be extendedwith a detachable monitoring device DM operationally connected to theoptional metering usage electrical reading connector RD. The detachablemonitoring device illustrated here complies with the relevant meteringusage communication industrial standard such as IEC1107 or IEC61107,FLAG, ANSI C12.18 for optical ports or ANSI C12.21 for modem ports.

The detachable monitoring device DM shown in FIG. 4 comprises a usagereading interface READ to acquire a utility consumption value metered bythe legacy meter LM in accordance with any of the above described form,a usage memory buffer MEM for storing at least temporarily utilityconsumption values read by the usage reading interface READ, a remoteutility monitoring interface GRID for reporting at least these utilityconsumption values to a remote management center, an optional home areanetwork interface HAN for optionally connecting a HAN device processingat least a part of data read by the reading interface, an optionalvisual display DISP and a central processor CTRL in charge with thecontrolling the above components.

Referring to FIG. 5, the latter shows the detachable monitoring deviceDM of FIG. 4 further comprising a crypto processor CRYPTO providingcryptographic functionalities supported by the central processor CTRL.The crypto processor CRYPTO can generate a cryptogram from informationdata comprising at least the utility consumption value. According to thepreferred embodiment, this cryptogram is encrypted with a personal keyof the detachable metering monitoring device DM. Owing to the cryptoprocessor, the utility consumption value read by the usage readinginterface READ can be input into a cryptographic function in order toget an encrypted data that is not readable without knowing secretinformation. For this reason, the crypto processor is in connection witha secure memory SMEM to store sensitive information such as secretcryptographic keys and a unique identifier ID belonging to thedetachable metering monitoring device DM (or to the utility meter LM).The crypto processor implements various cryptographic algorithms such asfor instance, but not limited to, AES, IDEA-NXT, RSA, SHA-256, ECC, etc.The crypto processor is also the single component able to interact withthe secure memory both in reading and writing. The detachable monitoringdevice DM also comprises a message generator MGEN for generatingreporting messages that have to be sent to the remote management centerby means of the communication network interface GRID. These reportingmessages comprise, in particular, information messages which include atleast the cryptogram and the aforementioned unique identifier ID.

The usage memory buffer MEM is able to buffer the utility consumptionvalues in view to report them to a utility usage monitoringinfrastructure (such a remote management center) through a communicationinterface.

The information data used as input for generating the cryptogram mayfurther comprise a predefined complementary data, for instance aconstant. Information data may further comprise the unique identifier IDof the detachable metering monitoring device. Information messages sentby this device may further comprise any information about this device,for instance its status or information about the version of this device,in particular the version of its firmware. It could be also possible tosend information relating to the utility consumption, e.g. in view tocollect statistical data or for any other purposes.

The above-mentioned cryptogram could be a result of a hash function (oran XOR function) on the information data. In this case, the informationmessage further includes the utility consumption value.

The personal key pertaining to the device of the present invention mayfurther be an asymmetric key in a public/private encryption scheme, theremote management center having the corresponding asymmetric key. Thus,the private key and the public key forming together a pair of keys whichare used to encrypt and to decrypt the exchanged messages.

The detachable monitoring device DM is appended to the legacy metershown in FIG. 1 by means of a meter interface, in particular the usagereading interface READ which can take various forms to adapt to themeter technology: OCR-reading for older legacy meters, standard opticalor modem interface reading for more recent legacy meters, and wirelessor power line communications based on smart metering standards in orderto enable future smart meters security renewability. The monitoringdevice may implement any, a subset or all of the latter possibleinterfaces as dictated by cost factors, implementation issues (e.g.battery lifetime) and market needs.

To support old legacy meters without electrical reading interface canonly be visually read, the detachable monitoring device DM from FIG. 2is connected to the display of the legacy meter LM and the means toacquire the utility consumption value of the monitoring device comprisean OCR reading interface to read this utility consumption. The devicealso reports the legacy meter display onto its own display to enablefurther manual reading of the metering value.

Alternately, in the more recent legacy meter LM from FIG. 3 thedetachable monitoring device DM can be operationally connected to themetering usage electrical reading connector RD. Thus, means to acquirethe utility consumption value, such as the usage reading interface READin the device of the present invention, could comprise an electricalconnection provided by the utility meter for transmitting the utilityconsumption value.

The detachable monitoring device DM is attached to the legacy meter byany means of mechanical fasteners like screws, or chemical fastenerslike glue, or magnets. Moreover, it is desirable that the detachablemonitoring device DM is further bound to the legacy meter by means of aseal for tamper evidence purposes, so that only authorized personnel canconnect/disconnect the detachable monitoring device DM to/from thelegacy meter LM.

Both the crypto processor CRYPTO and the secure memory SMEM have to betamper proof against various types of attacks. To this end, the cryptoprocessor and secure memory may be implemented as dedicated siliconcircuitry or integrated into the monitoring device hardware undercareful isolation from the main processing and communication facilitiesas shown in FIG. 5. The crypto processor may include custom cryptographylogic blocks. It is also possible to emulate the security module SMfunctionality in an isolated software component by means of obfuscationand white box cryptography software security technologies.

In order to facilitate the crypto processor and secure memoryimplementation, security design segmentation and personalization in linewith state of the art industrial practices and processes, in anotherembodiment, the corresponding security functionality is physicallyisolated by implementing it into a separate security module.

In one embodiment shown in FIG. 6, the legacy meter LM is extended witha detachable monitoring device DM operationally connected to it and thedetachable monitoring device DM further include a security moduleinterface SM suitable for instance to host a smartcard, possibly in theSIM card form factor.

In accordance to another embodiment, FIG. 7 shows a detachablemonitoring device DM, similar to that of FIG. 4, where the centralprocessor CTRL also interacts with a security module SM though adedicated interface SEC. The security module SM implements the cryptoprocessor functionality CRYPTO in connection with the secure memory SMEMto store sensitive information such as secret cryptographic keys atleast.

Beyond its security design and manufacturing advantages, this separatesecurity module enables to separate the security renewability from thereading and reporting monitoring functionality and communication devicerenewability. As a smartcard or SIM card form factor is thin enough tobe conveyed to the end user by regular mail at the same cost as a simpleletter, and the security module can be renewed by the end user withoutany intervention on the meter itself, i.e. without safety concerns, andfurthermore without requiring the utility personnel on-site interventionto unseal and renew the detachable monitoring device in the case whereit is sealed.

In addition, for utility markets requiring a prepayment business modelsupport, the detachable monitoring device DM may either embed aprepayment control functionality connected at regular intervals to theremote utility server subscriber authorization system through thecentral processor CTRL and the communication network interface GRID, ora standard contact-based or contactless interface SEC to a prepaymentsmartcard SM, in various possible form factors such as, but not limitedto, ISO7816, SIM, SD, μSD, MMC.

In a further embodiment, the security module can be combined with a HomeArea Network HAN interface in order to read, record and securely reportthe data from further HAN devices to a further Meter Data ManagementSystem. This interface is preferably of wireless and low-powerconsumption nature such as Zigbee.

In another embodiment, in order to manage the various data and controlqueries with possibly complex metering business models in a secure waywhile supporting broadcast messaging optimization, the security modulepreferably implements a relational database.

In another embodiment, in order to ensure security maintenance andrenewability over time, the detachable monitoring device DM implements asecure boot mechanism for its controller processor CTRL under closecontrol by the security module SM. In the absence or malfunction of thesecurity module SM, no or limited communication functionality issupported so that an alarm is triggered on the utility infrastructureside.

Another advantage of the device of the present invention is to provideenhanced management of the consumption by enabling management of morethan one counters activated according to a time schedule or by receptionof command messages.

Another advantage of the detachable metering device of the presentinvention is to provide enhanced management of the consumption byenabling to differentiate the utility consumptions metered underdifferent tariffs and to totalize each of these utility consumptions.This purpose may be reached for instance by using a plurality of tariffcounters, each of them being used to count the utility consumption undera predetermined tariff. The device can have different states (e.g. anormal operating state or mode, a lowest operating state, a disruptedoperating state, etc. . . . ) which can correspond to the pluralitytariffs applicable. The assigning of a predetermined tariff by aselecting unit SELECT may depend on a time scheduler, on the receptionof a command message from the remote management center or can be anaction resulting from a switching of the operating mode of thedetachable metering device.

According to a preferred embodiment, the detachable metering device DMcomprises a last updated memory to store the utility consumption valuewhile at least one tariff memory is updated. The selecting unit SELECTor any selection means is used for defining the use of a currentpredetermined tariff among different predetermined tariffs. Thisselecting unit can switch from a predetermined tariff to another one. Tothis end, the detachable metering monitoring device DM comprises aplurality of tariff memories TMEM to store the utility consumptionaccording to different states of the device DM, where a predeterminedtariff is assigned to each state. In particular, this device comprisesat least two tariff memories in order to memorize sums (i.e. cumulatedvalues) of utility consumptions metered under these differentpredetermined tariffs; each tariff memory being assigned for countingthe utility consumption under one predetermined tariff. Finally, thisdevice comprises a consumption calculator CALC or any means firstly tocalculate a current consumption value from the last updated memory andthe acquired utility consumption value read by the usage readinginterface READ. To this end, the consumption calculator CALC subtractsthe utility consumption value stored in the last updated memory from theacquired utility consumption value. Then, a memory updating unit UPMEMupdates the value stored in the tariff memory TMEM corresponding to thecurrent predetermined tariff (i.e. selected by the selecting unitSELECT) by adding this current consumption value. Then, the memoryupdating unit UPMEM reloads the last updated memory with the valuemetered during said acquisition step. Preferably, the memory updatingunit UPMEM comprises a processing unit to read the selected tariffmemory, to add the current consumption value to the selected tariffmemory and to write said sum to the selected tariff memory.

The values stored in the corresponding tariff memories TMEM relating toconsumptions carried out under predetermined tariffs can be part of theinformation data used to generate the cryptogram included in theinformation message sent to the remote management center.

According to another embodiment, the device DM of the present invention,in particular the communication network interface GRID, furthercomprises a reception unit RECEIV or any means for receiving at leastone message sent by the remote management center and an authenticatingunit AUTH or any means to authenticate this message by using thepersonal key of this device DM. In case of successful authentication,these means may be able to execute commands included in this message. Ifauthentication failed, the message could be merely dismissed or anotheraction could be triggered. For instance, the message received by thereception unit RECEIV of the device DM from the management center couldbe a command message ordering means for defining the use of the currentpredetermined tariff to use a higher tariff than the current one, e.g.the highest available tariff. Alternatively, the command message couldorder means for defining the use of the current predetermined tariff toswitch the tariffs in accordance with a time schedule. Such a timeschedule could be stored, for instance, in the first secure memory ofthe detachable metering monitoring device and could be updated via amessage sent by the management center.

According to another embodiment, the device of the present inventionfurther comprises a validity counter VCOUNT or any means toincrement/decrement a validity value according to the utilityconsumption or a time (e.g. a duration), a resetting unit RESET or anymeans to update or substitute the value of the validity counter by a newvalidity value, and a switch SWIT or any means to switch the operatingof the device DM from a normal operating mode to a disrupted operatingmode, depending on whether the value of the validity counter reaches atleast one predetermined threshold value.

The disrupted operating mode could force means for defining the use of acurrent predetermined tariff to use a tariff higher than the currentpredetermined tariff, for instance the highest tariff.

The validity counter VCOUNT could be a time counter or a check pulsescounter, incremented according to an internal clock. In anotherembodiment, the validity counter could be incremented according to theconsumption of the utility so that the validity counter could be basedon counting of the utility consumption (e.g. kWh for electrical powerconsumption or m³ for gas or water consumption).

Besides, the personal key used by means to authenticate the renewalmessage could be a private key pertaining to the detachable meteringmonitoring device and, in this case, the renewal message would beencrypted with a corresponding public key of this device.

The new validity value used to reload the validity counter and/or thethreshold value which allows switching between the normal operating modeand the disrupted operating mode can be included within the renewalmessage or can be prestored in the first secure memory SMEM of thedetachable metering monitoring device DM.

The renewal message may include updating information about this device,for instance information relating to its firmware.

Before switching from the normal mode to another mode, e.g. thedisrupted mode, it could further be possible to alert the consumer, viaa message displayed on the screen of the device or via any other means(sound, light, etc. . . . ), that the validity counter of his device hasreached a critical level. Such an alerting means or alerting unit ALERTwould be useful to warn the consumer from any inconvenience, typicallythe interruption of the utility consumption or any increasing tariff.

The utility which is metered by the utility meter could be electricpower, gas or water. Besides, it could be also possible to imagine thatthe utility meter, to which the device of the present invention isattached in a removable manner, could be able to meter several utilityconsumptions, such as electric power consumption and water or gas ifneeded. In this case, the device of the present invention could beadapted to deal with these consumptions instead of having severaldevices, i.e. one for each utility consumption.

The invention claimed is:
 1. A detachable metering monitoring device,connectable with a utility meter, to control at least one utilityconsumption metered by the utility meter, the detachable meteringmonitoring device comprising: a usage reading interface to acquire autility consumption value metered by said utility meter, first securememory to store at least a unique identifier ID and a personal key, bothpertaining to said detachable metering monitoring device, a cryptoprocessor to generate a cryptogram from information data comprising atleast the utility consumption value, said cryptogram being encryptedwith said personal key, a message generator to generate an informationmessage including at least said cryptogram and the unique identifier ID,and a communication network interface including a sending unit to sendsaid information message to a remote management center.
 2. Thedetachable metering monitoring device of claim 1, wherein saidinformation data further comprises a predefined complementary data. 3.The detachable metering monitoring device of claim 1, wherein saidinformation data further comprises the unique identifier ID.
 4. Thedetachable metering monitoring device of claim 1, wherein the cryptogramis a result of a hash function on the information data, said informationmessage further comprising the utility consumption value.
 5. Thedetachable metering monitoring device of claim 1, wherein saidinformation message further includes a firmware version of saiddetachable metering monitoring device.
 6. The detachable meteringmonitoring device of claim 1, wherein the personal key is an asymmetrickey in a public/private encryption scheme, the remote management centerhaving the corresponding asymmetric key.
 7. The detachable meteringmonitoring device of claim 1, wherein the usage reading interfacecomprises an electrical connection provided by said utility meter totransmit the utility consumption value.
 8. The detachable meteringmonitoring device of claim 1, wherein the usage reading interfacecomprises an OCR reading interface to read the utility consumptionmetered by said utility meter.
 9. The detachable metering monitoringdevice of claim 1, further comprising: plurality of tariff memories tostore the utility consumption according to different states of thedetachable metering monitoring device, a last updated memory to storethe utility consumption value while at least one tariff memory isupdated, a selecting unit to select one of the tariff memories accordingto the current state, a consumption calculator to calculate a currentconsumption value from the last updated memory and the acquired utilityconsumption value, and a memory updating unit to apply the calculatedcurrent consumption value to the tariff memory selected by the selectingunit and to update the last updated memory with the acquired utilityconsumption value.
 10. The detachable metering monitoring device ofclaim 9, wherein the selecting unit to select the state of the deviceand the tariff memory is driven by a time scheduler.
 11. The detachablemetering monitoring device of claim 9, wherein the communication networkinterface comprises a reception unit and wherein the selecting unit, forselecting one of the tariff memory and the state of the detachablemetering monitoring device, is driven by the reception of a message fromthe remote management center.
 12. The detachable metering monitoringdevice of claim 9, wherein the memory updating unit comprises aprocessing unit to read the selected tariff memory, to add the currentconsumption value to the selected tariff memory and to write said sum tothe selected tariff memory.
 13. The detachable metering monitoringdevice of claim 9, wherein said information message further comprisesthe values of the tariff memories.
 14. The detachable meteringmonitoring device of claim 1, further comprising: an authenticating unitto authenticate messages received from the remote management centerthrough the reception unit by using said personal key and, in case ofsuccessful authentication, to execute the authenticated messages. 15.The detachable metering monitoring device of claim 1, wherein saidmessage is a renewal message and wherein said detachable meteringmonitoring device further comprises: a validity counter toincrement/decrement a validity value according to the utilityconsumption or a time, a resetting unit to substitute a value of thevalidity counter by a new value, and a switch to switch the functioningof the detachable metering monitoring device from a standard functioningmode to a disrupted functioning mode, depending on whether the value ofthe validity counter reaches at least one threshold value.
 16. Thedetachable metering monitoring device of claim 10, wherein the memoryupdating unit comprises a processing unit to read the selected tariffmemory, to add the current consumption value to the selected tariffmemory and to write said sum to the selected tariff memory.
 17. Thedetachable metering monitoring device of claim 10, wherein saidinformation message further comprises the values of the tariff memories.18. The detachable metering monitoring device of claim 11, wherein thememory updating unit comprises a processing unit to read the selectedtariff memory, to add the current consumption value to the selectedtariff memory and to write said sum to the selected tariff memory. 19.The detachable metering monitoring device of claim 11, wherein saidinformation message further comprises the values of the tariff memories.